Every entry in Cachee carries a 58-byte H33-74 receipt signed by three independent post-quantum signature families. Cache poisoning is cryptographically impossible.
Redis, Memcached, DragonflyDB -- they all assume the data they return is the data that was stored. There is no verification. No attestation. No proof. If an attacker poisons your cache, you serve corrupted data until someone notices.
Traditional caches store bytes and return bytes. They have zero mechanism to verify that what comes out is what went in. A single bit flip, a compromised node, a man-in-the-middle -- and your application silently serves wrong data to every user.
DNS cache poisoning, HTTP cache poisoning, application-layer cache attacks -- these are not theoretical. They are in the OWASP Top 10. Every major CDN and cache layer has been exploited. The root cause is always the same: no cryptographic binding between key and value.
Even if you bolt on HMAC or RSA signatures today, a sufficiently powerful quantum computer running Shor's algorithm will break RSA-2048 and ECDSA in polynomial time. Your cache integrity scheme has an expiration date. Post-quantum signatures do not.
Cachee attaches a 58-byte H33-74 receipt to every cached entry. Three independent post-quantum signature families sign the data. Verification happens at every GET. If even one signature fails, the entry is rejected and re-fetched from origin.
Application calls cachee set session:user42 "{...}". The Cachee engine receives the key-value pair and begins the attestation pipeline before storing anything.
The engine constructs the H33-74: 1-byte version, 8-byte timestamp, 32-byte SHA3-256 hash of the value, 2-byte ML-DSA-65 signature prefix, 2-byte FALCON-512 signature prefix, 2-byte SLH-DSA signature prefix, plus 11 bytes of metadata flags and padding. The full signatures are stored alongside the H33-74 receipt in the verification cache.
The SHA3-256 hash is signed by three independent post-quantum algorithms, each based on a different mathematical hardness assumption: ML-DSA-65 (lattice -- Module Learning With Errors), FALCON-512 (lattice -- NTRU), and SLH-DSA-SHA2-128f (stateless hash-based). An attacker must break all three families simultaneously to forge a receipt.
A 74-byte commitment is anchored to the blockchain of your choice: 32-byte SHA3-256 hash of the H33-74 receipt + 42-byte retrieval pointer (10-byte cache node ID + 32-byte receipt lookup key). This commitment fits within Bitcoin's 80-byte OP_RETURN, a Solana memo, or Ethereum calldata. Immutable, public, auditable.
The value is stored in the cache alongside its 58-byte H33-74 receipt and the full PQ signature bundle. CacheeLFU admission control determines tier placement (L0 hot at ~28ns, L1 DashMap, or eviction). The receipt is the value's permanent identity.
On every cachee get session:user42, the engine re-hashes the value with SHA3-256, verifies it against the H33-74 receipt, and checks all three PQ signatures. If any check fails, the entry is rejected, evicted, and the client receives a cache miss -- forcing a fresh fetch from origin. Poisoned data never reaches your application.
Every cached entry carries this compact receipt. The full PQ signatures are stored in the verification cache; the H33-74 receipt holds hashes and prefixes for fast inline verification.
Type a command below or click one of the preset examples. Watch every step of the post-quantum attestation pipeline execute in real time.
Start with a single Cachee instance for development. Scale to a federated D-Cachee cluster with DHT routing and R-replica consistency -- no central coordinator.
A single-node Cachee instance with tiered storage, CacheeLFU admission control, and integrated PQ attestation. RESP-compatible -- drop in as a Redis replacement.
Federated verification cache with DHT-routed lookups and R-replica consistency. No central coordinator. Each node independently attests and verifies. Nodes join with a single CLI command.
The 74-byte commitment fits within the strictest on-chain data limits. Once anchored, it is immutable, public, and independently auditable by anyone -- without access to the Cachee cluster.
74-byte commitment fits with 6 bytes to spare. Anchored in Bitcoin's UTXO set. Prunable by nodes but permanently in the block history. ~$0.15 per anchor at typical fee rates. Batched across thousands of cache entries per block.
74 bytes in a Solana memo instruction. Sub-second finality. ~$0.001 per anchor. Ideal for high-frequency attestation where you need the commitment available for verification within 400ms.
74 bytes in transaction calldata. Costs 74 x 16 = 1,184 gas for non-zero bytes (worst case). Immutable in the Ethereum execution trace. Compatible with L2 rollups for reduced cost.
Cachee does not sacrifice performance for cryptographic integrity. The Rust sidecar architecture, CacheeLFU admission control, and batched attestation pipeline deliver hardware-class latency with post-quantum verification at every operation.
| Stage | Component | Latency | Pipeline Share | PQ Secure |
|---|---|---|---|---|
| 1. FHE Batch | BFV inner product (32 users/CT) | 943 us | 70% | Yes |
| 2. Batch Attest | SHA3 + Dilithium sign + verify | 391 us | 29% | Yes |
| 3. ZKP Lookup | CacheeEngine cached verification | 0.358 us | <1% | Yes |
| Total (32-user) | Full pipeline | 1,345 us | 100% | Yes |
| Per auth | 1,345 / 32 | ~42 us |
Install Cachee via Homebrew, Cargo, or Docker. Start the engine. Enable attestation. Join a cluster. That is the entire workflow.
$ brew tap h33ai/cachee
$ brew install cachee
$ cachee init
$ cachee start
$ cachee attest --enable
$ cargo install cachee-cli
$ cachee init --config cachee.toml
$ cachee start --attest
# RESP-compatible on port 6399
$ docker pull h33ai/cachee:latest
$ docker run -d -p 6399:6399 \
--name cachee h33ai/cachee:latest
# Attestation enabled by default
Scale from single-node to a federated cluster with one command. No central coordinator. DHT-routed lookups with R-replica consistency. Each node independently attests and verifies.
# On each additional node:
$ cachee init
$ cachee cluster join --seed 10.0.1.10:6399 \
--replicas 3 --attest
$ cachee start
# Verify cluster health:
$ cachee cluster status
CLUSTER 3 nodes | 3 replicas | PQ attest: ACTIVE
NODE-A 10.0.1.10:6399 | L0: 28ns | entries: 1.2M
NODE-B 10.0.1.11:6399 | L0: 29ns | entries: 1.1M
NODE-C 10.0.1.12:6399 | L0: 27ns | entries: 1.2M
Feature-for-feature comparison against every major caching solution. Only Cachee provides post-quantum attestation, on-chain anchoring, and verified reads.
| Feature | Cachee | Redis | Memcached | DragonflyDB |
|---|---|---|---|---|
| Post-quantum attestation | Yes | No | No | No |
| Per-entry integrity verification | Yes | No | No | No |
| On-chain commitment | Yes | No | No | No |
| 3 independent PQ signature families | Yes | No | No | No |
| Cache poisoning protection | Cryptographic | ACL only | None | ACL only |
| RESP protocol compatible | Yes | Native | No | Yes |
| Written in | Rust | C | C | C++ |
| Hot-tier latency | ~28 ns | ~1 us | ~1 us | ~1 us |
| Eviction policy | CacheeLFU | LRU / LFU | LRU | LRU / LFU |
| Federated mode (no coordinator) | D-Cachee | Redis Cluster | No | No |
| ZKP verification cache | Yes | No | No | No |
| Quantum-safe guarantee | 3 families | No | No | No |
Cachee is the only caching service where cache poisoning is not a risk to manage -- it is a mathematical impossibility. Three independent post-quantum signature families. 58-byte H33-74 receipts. Verified at every read.